Blogs.Researches.Insights

Blogs, Researches and Insights by Pandora Security Labs.

Have you ever experienced being bullied by a group of kids, or getting tons of assignments to be submitted on the same date? How does that feel? Overwhelming, right? Well, applications, systems, and other devices can feel the same way when they are hit by Denial-of-Service (DoS) attacks. So you’re probably here because you…

Introduction HTTPS or SSL mainly revolves around two terms: encryption and identity assurance. HTTPS can be found in applications usually dealing with e-commerce, online banking, online transactions involving monetary value, and sensitive data. That is because this little thing right here encrypts and protects your valuable data while it’s travelling through the cloud and into…

What is Shellshock? If you read a lot about history and medical conditions, you are probably thinking of the post-traumatic disorder that soldiers suffered from during the First World War. We will not be talking about that “shellshock” in this case. The shellshock that we are going to talk about is the…

Introduction Where do you keep your valuables, important documents, or credit cards? Is it really safe? Do you have the keys? Who else has the keys? Are you sure they’re all protected from all kinds of threats? With all the creative ideas of attackers, syndicates, and bad guys nowadays, it is really difficult to be…

Introduction There are lots of web application firewall solutions (also known as WAFs) nowadays. There are even different kinds of WAF: appliance-based, cloud-based, server-based, and application-based. But how can you know which kind of WAF fits the bill? Previously, WebRanger was compared with CloudFlare as an alternative. This time, let’s compare WebRanger and Incapsula…

Introduction SAFE. It can be a metal box with a combination lock where you can put your highly confidential documents or expensive valuables for safekeeping; or an underground shelter which you believe can protect anyone from any kind of storm or calamity. But is there really a place, storage, or anything that is safe? With regard to the Internet…

Introduction Ever wondered how on earth hackers hack your website? Is it easy, or is it difficult? Why does the hacker guy played by Justin Long in Die Hard 4 find it so easy to hack? Can we stop it? Why on earth does that junkie guy in Mr. Robot get through with just a small piece of information? Is there…

INTRODUCTION In the recent Ant-Man movie, I want to focus on one thing – Luis, Scott’s extremely chatty friend. In their quest to stop Darren Cross and his evil plans, Luis disguises himself as a security guard to help Scott with their plan to infiltrate the Pym Technologies building where Cross’ powerful Yellowjacket resides.…

Last December 2015, a new critical Joomla RCE vulnerability was actively attacked by hackers. This vulnerability allows hackers to conduct PHP object injection attacks leading to full remote command execution [1]. Joomla versions 1.5 to 3.4.5 are affected and are therefore susceptible to this attack. A modified payload of the attack from an IP…

Introduction If you own a WordPress website, there’s a high possibility that you have already encountered this numerous times. These are the comments which are not related to the content: advertisements and, most of the time, incoherent phrases or paragraphs. They are attempts to generate or boost web traffic to the poster’s own website. According to Wikipedia,…

How IT All Began Websites and web applications are among the most vulnerable digital assets of any organization. Why so? Because they are open to the public, 24×7. As more and more activities are now being done online through websites and web applications, the urgency of securing them is real. Websites are primarily visited…

Introduction Magento[1] is an e-commerce platform which provides online merchants with a shopping cart system. Last February, a shoplift bug patch was issued by Magento.com[2]. It addresses a remote code execution (RCE) vulnerability, also known as the “Magento shoplift bug”, that allows the attacker to obtain Admin access to the store. Detection Pandora WebRanger…

INTRODUCTION Nowadays, different kinds of bots have been lurking on the web, and as developers or website owners, you must be mindful of which ones are possible threats and which are not. First things first. What are bots and what can they do to your website? Bots are basically software programs which imitate human behavior for different…

Introduction Last September 2015, Sucuri identified a new exploit called the WordPress brute force amplification attack targeting WordPress sites [1]. This new exploit attempts to guess tens to thousands of different usernames and passwords in a single HTTP request through a feature of XML Remote Procedure Call (XMLRPC). To further understand how this…

Introduction This year there have been two incidents of Local File Inclusion[1] (also known as LFI) vulnerabilities in the Magento Magmi plugin. The first vulnerability was published on exploit-db.com by SECUPENT[2]. It was a vulnerability in web/ajax_pluginconfig.php. Last October, security vendor Trustwave also published[3] about a zero-day vulnerability. It was previously discovered that the Magmi version…

Introduction A new vulnerability targeting the Joomla Platform has been discovered by a researcher named Asaf Orpani from Trustwave SpiderLabs[1]. Joomla is one of the most used content management systems across the web and is known to be second only to WordPress[2]. The vulnerability is a SQLi that targets a core module of Joomla,…

Introduction Previously, an exploit was demonstrated in Magento by taking advantage of the known SQLi vulnerability (CVE-2015-1397). While that previous exploit was directed at the core files of Magento, today’s will be directed at plugins or extensions from a different content management system. This Joomla plugin vulnerability is also known as Using Components with…

CVE: 2015-5468 Affected component: e-Commerce Shop Styling Plugin v2.4 and below Tested on: WordPress 4.1.1 Introduction Plugins or extensions are separate software components that add additional functions and power to existing software or an application. These plugins are what make a WordPress website become more than a blogging site, where it is…

CVE: 2015-3440 Affected component: WordPress 4.2, 4.1.2, 4.1.1, 3.9.3 Tested on: WordPress 4.2 Introduction WordPress is another Content Management System (CMS) used on millions of sites around the globe. It provides a free and easy way to create and host websites, on which users can select from a number of themes, both free and…

Introduction It is common to see nowadays that businesses are leveraging content management systems (CMS) to their own advantage. Over time, these CMSs have evolved from simple platforms that catered to blogs and forums into ones that eventually cater to ecommerce platforms. Given that these ready-made websites offer several advantages, they are not…

Before the year ends, another big security scandal arises. From Drupal’s Public Security Announcement (PSA) page, “Automated attacks began compromising Drupal 7 websites that were not patched or updated to Drupal 7.32 within hours of the announcement of SA-CORE-2014-005 – Drupal core – SQL injection. You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before Oct 15th, 11pm UTC, that is 7 hours after the announcement.”


Because of the growth of attacks throughout the years, the most effective security measure involves knowing who the attacker is and what they are trying to attack you with – even before it happens – and identifying and eliminating attacks on your website around the clock.